ovn L2 overlay 实验

ovn L2 overlay 实验

参考：link1

1.安装ovn ovs

先编译出ovs 和ovn的rpm包 参见前一篇

需要三台主机，使用VMware虚拟出来

• ovn-central 192.168.20.21
• host1 192.168.20.22
• host2 192.168.20.23

ovs三个节点都需要安装

rpm -ivh openvswitch-2.16.90-1.el7.x86_64.rpm

ovn（基于当前最新的ovn-21.09.90）编译出来有如下安装包

[root@192 ovnrpms]# ls
ovn-21.09.90-1.el7.x86_64.rpm            ovn-debuginfo-21.09.90-1.el7.x86_64.rpm  
ovn-host-21.09.90-1.el7.x86_64.rpm       ovn-central-21.09.90-1.el7.x86_64.rpm  
ovn-docker-21.09.90-1.el7.x86_64.rpm     ovn-vtep-21.09.90-1.el7.x86_64.rpm

在central节点除了安装ovs，还需要安装ovn-21.09.90-1.el7.x86_64.rpm 、 ovn-central-21.09.90-1.el7.x86_64.rpm

rpm -ivh ovn-21.09.90-1.el7.x86_64.rpm  ovn-central-21.09.90-1.el7.x86_64.rpm
#遇到依赖缺少yum解决即可

在host节点在central节点除了安装ovs，还需要安装ovn-21.09.90-1.el7.x86_64.rpm 、ovn-host-21.09.90-1.el7.x86_64.rpm

rpm -ivh ovn-21.09.90-1.el7.x86_64.rpm  ovn-host-21.09.90-1.el7.x86_64.rpm

安装成功后在会默认在ovs创建 br-int

2.配置central 和 host

1）配置central

安装完成配置南北向数据库监听指定的端口，这样才能建立南北向的连接

ovn-nbctl set-connection ptcp:6641:192.168.20.21
ovn-sbctl set-connection ptcp:6642:192.168.20.21

使用netstat -lntp 查看在6641 和6642 被监听

[root@192 ovnrpms]# netstat -lntp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 192.168.20.21:6641      0.0.0.0:*               LISTEN      8221/ovsdb-server
tcp        0      0 192.168.20.21:6642      0.0.0.0:*               LISTEN      8237/ovsdb-server

2）配置host

host需要配置将ovn-controller连接到ovn-central南向数据库

分别配置：到南向数据库的socket连接 - 使用的隧道封装方式 - 本机IP

host1

ovs-vsctl set open . external-ids:ovn-remote=tcp:192.168.20.21:6642  
ovs-vsctl set open . external-ids:ovn-encap-type=geneve               
ovs-vsctl set open . external-ids:ovn-encap-ip=192.168.20.22         

host2

ovs-vsctl set open . external-ids:ovn-remote=tcp:192.168.20.21:6642  
ovs-vsctl set open . external-ids:ovn-encap-type=geneve              
ovs-vsctl set open . external-ids:ovn-encap-ip=192.168.20.23        

当两个host都配置好后，分别在两个host执行ovs-vsctl，会在br-int 看到创建了一个到另一个host的隧道port。

[root@192 ~]# ovs-vsctl show
16e16f27-2a5f-419e-a1e4-b9f8c2c66ecf
    Bridge br-int
        fail_mode: secure
        datapath_type: system
        Port ovn-a09df6-0
            Interface ovn-a09df6-0
                type: geneve
                options: {csum="true", key=flow, remote_ip="192.168.20.23"}
        Port br-int
            Interface br-int
                type: internal
    ovs_version: "2.16.90"

3.使用namespace模拟创建vm

host1

ip netns add vm1
ip link add vm1-eth0 type veth peer name veth-vm1
ip link set veth-vm1 up
ip link set vm1-eth0 netns vm1
ip netns exec vm1 ip link set vm1-eth0 addres 00:00:00:00:00:01
ip netns exec vm1 ip link set vm1-eth0 up
ovs-vsctl add-port br-int veth-vm1 

host2

ip netns add vm2
ip link add vm2-eth0 type veth peer name veth-vm2
ip link set veth-vm2 up
ip link set vm2-eth0 netns vm2
ip netns exec vm2 ip link set vm2-eth0 addres 00:00:00:00:00:02
ip netns exec vm2 ip link set vm2-eth0 up
ovs-vsctl add-port br-int veth-vm2

4.创建logical-network

创建二层逻辑网络

ovn-nbctl ls-add sw1
ovn-nbctl lsp-add sw1 sw1-vm1
ovn-nbctl lsp-set-addresses sw1-vm1 "00:00:00:00:00:01 192.168.100.10"
ovn-nbctl lsp-add sw1 sw1-vm2
ovn-nbctl lsp-set-addresses sw1-vm2 "00:00:00:00:00:02 192.168.100.20"

在host上将vm连到端口

# host1
ovs-vsctl  set Interface  veth-vm1 external_ids:iface-id=sw1-vm1
ip netns exec vm1 ip addr add 192.168.0.10/24 dev vm1-eth0
# host2
ovs-vsctl  set Interface  veth-vm2 external_ids:iface-id=sw1-vm2
ip netns exec vm2 ip addr add 192.168.0.20/24 dev vm2-eth0

vm1 到 vm2 ping 通

ip netns exec vm1 ping 192.168.0.20